LAST UPDATED: April 2024
Nourish Responsible Disclosure Policy
We appreciate all security concerns – no matter how tenuous – brought to our attention, since we strive to safeguard our product from all threats, no matter how recent. Being proactive rather than reactive to emerging security issues is a fundamental principle at Nourish. If you believe you’ve found a security vulnerability in Nourish’s service, please notify us. We will collaborate to resolve the issue promptly.
Disclosure Policy
- If you believe you’ve discovered a potential vulnerability, please let us know by emailing us at security@usenourish.com. We will acknowledge your email within five (5) business days.
- Provide us with a reasonable amount of time to resolve the issue before disclosing it to the public or a third party. We aim to resolve critical issues within ten (10) business days of disclosure.
- Make a good faith effort to avoid violating privacy, destroying data, or interrupting or degrading the Nourish service. Please only interact with domains you own or for which you have explicit permission from the account holder.
Exclusions
While researching, we would greatly appreciate if you avoid using practices that could reasonably be considered to constitute:
- Distributed Denial of Service (DDoS)
- Spamming
- Social engineering or phishing of Nourish employees or contractors
- Any attacks against Nourish’s physical property or data centers Thank you for helping us keep Nourish and our customers safe!
Contact
Nourish is always open to feedback, questions, and suggestions. If you would like to talk to us, please email us at security@usenourish.com.